Identity Security

Read all about identity security on the OctopusBlog!

Air Gap Network Multi Factor Authentication

By |August 20th, 2019|Categories: Articles|Tags: , , |

Air gaping. It’s the ‘nuclear option’ of network security. By separating a machine from any other computer, managers can all but guarantee that it cannot be penetrated remotely. Air gaping, or network separation as it is often known, is the step taken by the serious neurotics among users or because the regulatory body you report to insist on it, those whom [...]

In Passwords We Trust! But Why?

By |August 15th, 2019|Categories: Articles|Tags: , , , , , |

The most recent security baseline report from Microsoft has been making waves in the world of digital security. Experts at Microsoft asset that password-based authentication represents a basic risk to networks. “There’s no question that the state of password security is problematic and has been for a long time,” reads the post. “When humans pick their own passwords, too often they [...]

Every Password Matters – The PCM Case

By |July 22nd, 2019|Categories: Articles|Tags: , , , |

Large tech companies like Microsoft and Google go to great lengths to secure their services and protect their customers’ accounts and identities. But what about the security of the partners and third parties that provide services on their behalf? A recent article on famous cybersecurity blog KrebsOnSecurity blog post unveiled a breach at PCM, a major California-based provider of technology products, [...]

How Poor Passwords Turned 50,000 Servers Into Cryptocurrency Miners

By |June 26th, 2019|Categories: Articles|Tags: , , , |

In May, researchers from security firm Guardicore uncovered a massive campaign by Chinese hackers to break into online Windows servers and to infect them with cryptocurrency miners. Cryptominers are special malware that hijack the resources of the infected machine to solve complicated mathematical equations and collect cryptocurrency rewards. As explained by the security researchers, the hackers used sophisticated techniques along the [...]

The Verizon Breach Report – 4 Things Learned

By |May 27th, 2019|Categories: Articles|Tags: , , , |

Telecom giant Verizon Wireless recently released their annual Data Breach Investigation Report for 2019. The Report lays out a data-driven assessment of threat trends and other stats on information-breach incidents over the previous year. Looking over the Report’s 78 pages, several important realities about the state of authentication security come to light. Stolen Passwords are Still #1 Threat The 2019 report [...]

What Passwordless Authentication Prevents?

By |May 1st, 2019|Categories: Articles|Tags: , , , |

If we could sum up our message at Secret Double Octopus, it would be that password authentication is outdated and dangerous. While the general risks of weak authentication are well known, often users don’t quite understand the full implications of this threat. We therefore decided to use this post to provide a more comprehensive overview of all the vulnerabilities of passwords--and [...]

Solving Phishing from the Root

By |April 3rd, 2019|Categories: Articles|Tags: , , |

Spear phishing. It’s one of the more vicious methods used by today’s cyber criminals to compromise networks. Phishing related attacks have been a favorite of the hackers tool kit for years. And these kinds of attacks are becoming more common and more sophisticated over time. What is Spear Phishing? In its most basic definition, phishing is an attempt to illicitly obtain [...]

Virtual Desktop (VDI) Authentication

By |December 20th, 2018|Categories: Articles|Tags: , , , |

The Bring Your Own Device (BYOD) approach is highly embraced by organizations, connecting users to corporate networks to reduce costs or as an easy solution for remote workers. The main beneficiaries of the trend are Virtual Desktop Infrastructure (VDI) such as Citrix, VMware and Microsoft,  For many organizations and companies, Virtual Desktops provide an interesting option to connect their employees to [...]

Password- Based Authentication: Vulnerabilities And Alternative Solutions

By |December 5th, 2018|Categories: Articles|Tags: , , , , , |

The password has been the staple of authentication for years. While passwords are still very much a part of our information technology landscape, they have been on the decline for more than a decade. “There is no doubt that over time, people are going to rely less and less on passwords,” adding that passwords “just don’t meet the challenge for anything [...]

VPN MFA – The Gateway to the Kingdom

By |November 22nd, 2018|Categories: Articles|Tags: , , |

Enterprises have long used Virtual Private Networks (VPN) to protect their systems and provide a secure work environment. In today’s dynamic business climate, VPN’s have become even more essential. Private networks are now commonly used for organizations that want to give their employees remote, unfettered access to their private servers. With the security and flexibility they provide, it’s no wonder why [...]

The UN Unexpected Example of Poor Password Management

By |October 4th, 2018|Categories: Articles|Tags: , , , |

A couple weeks ago, we covered the West Australian government’s security audit here on the Octopus Blog. The section of the governmental audit’s research into cyber security practices unveiled some pretty disturbing facts. Given the opportunity, users will choose the most obvious, easiest to guess passwords, leaving them wide-open targets for cyber criminals. While the size and scope of this phenomenon [...]

Certificates and Inherit Trust

By |September 23rd, 2018|Categories: Articles|Tags: , , , |

On the Octopus Blog, we’ve delved quite a bit into the vulnerabilities of contemporary encryption standards. The system of Public Key Infrastructure (PKI) which forms the basis of most of the worlds authentication platforms, while presenting a powerful, easy to use encryption model, still left several holes through which attackers can breach networks and steal identities. Perhaps the single biggest problem [...]

How to Secure the Health Industry

By |August 27th, 2018|Categories: Articles|Tags: , , |

Data breaches at healthcare organizations are some of the most critical security incidents. They put very damaging information at the disposal of cybercriminals and malicious actors. A slate of regulations in different jurisdictions classify health data as highly sensitive and penalize organizations that mishandle the information or fail to protect it against hackers. An example is the Health Insurance Portability and [...]

Howdy,
Search exact
Search sentence
Buy Premium Version to add more powerful tools to this place. https://wpclever.net/downloads/wp-admin-smart-search